package com.hltx.interceptor;

import java.util.HashMap;
import java.util.Map;
import java.util.TreeMap;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.hltx.pojo.user.User;
import com.hltx.service.user.UserManager;
import com.hltx.util.CustomUtil;
import com.hltx.util.MessagesCode;
import com.hltx.util.ResultInfo;
import com.hltx.util.ResultUtil;



public class AppLoginSecurityInterceptor extends HandlerInterceptorAdapter {
	
	@Value("${app.key}")
	private String key;
	
	@Resource(name = "userService")
	private UserManager userService;
	
	@Override
	public boolean preHandle(HttpServletRequest request,
			HttpServletResponse response, Object handler) throws Exception {
		response.setContentType("text/html;charset=UTF-8");
		try {
			String signLogin = request.getParameter("signLogin");
			boolean isLogin = false;
			String loginId = "";
			System.out.println("登录验证开始");
			if (StringUtils.isNotEmpty(signLogin)){
				loginId = request.getParameter("loginId");
				String nonce = request.getParameter("nonce");
				String timestamp = request.getParameter("timestamp");
				Map<String, Object> login = userService.getLoginInfo(Integer.parseInt(loginId));
				if(login != null && !login.isEmpty()){
					Map<String, String> paramsO = new TreeMap<String, String>();
					paramsO.put("userName", (String)login.get("userName"));
					paramsO.put("pwd", (String)login.get("pwd"));
					paramsO.put("nonce", nonce);
					paramsO.put("timestamp", timestamp);
					String mySign = CustomUtil.createSign(paramsO,key);
					System.out.println("222222 + " + mySign);
					System.out.println("222 + " + signLogin);
					if (StringUtils.equals(signLogin.toUpperCase(), mySign)) {
						isLogin = true;
					}
				}

			}
			String requestType = request.getHeader("X-Requested-With");
			if(!isLogin){
				System.out.println(requestType);
				if (!StringUtils.equals(requestType,"XMLHttpRequest")) {
					String contextPath = request.getContextPath();
					System.out.println(contextPath);
					response.sendRedirect(contextPath+"/toLogin");
				}else{
					Map<String, Object> resMap = new HashMap<String, Object>();
					resMap.put("result", ResultUtil.initResult(ResultInfo.ERROR, MessagesCode.LOGIN_OUT, "用户未登录"));
					ObjectMapper om = new ObjectMapper();
					response.getWriter().print(om.writeValueAsString(resMap));
				}
				
			}else{
				if (!StringUtils.equals(requestType,"XMLHttpRequest")) {
					User resultUser = userService.getUserInfo(Integer.parseInt(loginId));
					if(resultUser != null){
						request.getSession().setAttribute("sessionUser", resultUser);
					}
				}
			}
			System.out.println("登录验证结束");
			return isLogin;
		}catch(Exception e){
			
			return false;
		}
	}

}
